Verify your certificates for macOS Server 5.3 and earlier

If you're having trouble with xscertd, or when assigning certificates to Services, you might need to verify the Keychain Access Controls.

If you see messages containing "getCACerts" in your log files, or if you have problems assigning your certificates to services in OS X Server, Access Controls might be preventing the server from accessing the private key component of the identity.

Verify Access Controls

Open Keychain Access on the server.

Select the System Keychain from the sidebar on the left.

Select the All Items category using the sidebar on the left. If you don't see All Items, click .